Hey so not sure why 10101010 could not share, but I just recreated this for my own use - a PowerShell script that loops, checking public IPs, and making a dashboard call to update the 3rd Party VPN peer when need be. I myself use this on a host that is sitting behind a dynamic IP, since Meraki does not seem to implement IPSec's 'Remote ID' properly. Oh, I also did this with v1 API instead of v0. Just add in your Org ID, API Key, and ensure the user for that API key has full rights. Maybe change the VPN endpoint name too. All variables tagged with ###, and it's in PowerShell but should not be hard to convert to any other lang. [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$url = "https://api.meraki.com/api/v1/organizations/###/appliance/vpn/thirdPartyVPNPeers"
$header = @{
"Content-Type" = "application/json"
"Accept" = "application/json"
"X-Cisco-Meraki-API-Key" = "###"
}
$LastPublicIP = (Invoke-WebRequest ipecho.net/plain).content.trim()
Write-Host "Starting IP is" $LastPublicIP
$LastPublicIP = "0.0.0.0" # This causes an update to always run immediately
Do {
$CurrentPublicIP = (Invoke-WebRequest ipecho.net/plain).content.trim()
if ($LastPublicIP -ne $CurrentPublicIP){
Write-Host "Found IP Change. Last IP was" $LastPublicIP "and new IP is" $CurrentPublicIP ". Updating VPN settings via API!"
$LastPublicIP = $CurrentPublicIP
$Peers = ConvertFrom-Json -InputObject (Invoke-WebRequest -Method Get -Uri $url -Headers $header)
$Peers.peers | ForEach-Object {
if($_.name -eq "###") {
$_.publicIp = $CurrentPublicIP
}
}
$resposne = Invoke-RestMethod -Method Put -Uri $url -Body (ConvertTo-Json -InputObject $Peers -Depth 5) -Headers $header
}
Start-Sleep -Seconds 5 ### Update to your desired loop time
} While($true) You could actually compare the publicIp property from a GET and only do the PUT if it changes, but I did not want to do endless API GET calls due to Meraki rate limiting, lag, etc, so I just use a public IP service. Enjoy folks!
... View more
